The Problem with SaaS
By 2018, Software-as-a Service (SaaS) is predicted to be worth $67 billion. There’s no doubt it’s been largely embraced worldwide and brought many benefits. However, its one-size-fits-all approach doesn’t suit many enterprises, and that’s not set to change.
As Silicon Valley entrepreneur Noah Jessop puts it:
Companies that focus too much on technology, without putting it in context of a customer problem, will be caught between a rock and a hard place – or as I like to say, “between open source and a cloud place.
Lets take a look.
One of the biggest problems with SaaS is that it’s just not practical for businesses that require full, simple integration to their active directory and domains, and integration with other systems (e.g. a CRM system that links to an order system, finance, customer records etc).
Since most software is not ‘standalone’ within a company, and will need to synchronise with other software, SaaS offerings that cannot closely integrate with internal systems are often not feasible for companies that require it.
Of course, interacting with SaaS applications via API lookups is sometimes an option, but not always. And performing bespoke development, of course, costs time and usually money, especially when a new version of the SaaS tool is released, meaning the work has to be potentially amended or redone.
SaaS applications can’t be customised, which can significantly impair how much a company can leverage its USP or competitive advantage. For example, if a company’s key strength is that it can provide real-time inventory updates and dynamic pricing, but the ecommerce solution they’ve chosen can’t do this, their marketplace position is substantially weakened.
The standardised SaaS model can be problematic in complex implementations or large organisations. With these setups, common requirements are to make specific adaptations to the underlying platform or at least know how it’s built. Typical examples include:
- Scalability queries: Companies often want to know what the performance impact will be of an upsurge in users, but can’t.
- Storage and computing power: These two things are valuable to know and sometimes, to alter. But when a business need arises for say, more space, it can be difficult to know what you have and impossible to change yourself.
The customer’s experience is necessarily limited to whatever the SaaS provider has decided to run on.
With SaaS, all the data is stored with the vendor and they are in control over how/whether they make it available to the customer. As noted by ICAEW, vendors will often export data summaries – intended for use as a ‘friendly report’ – but full exports are much harder to come by.
When IT staff can actually obtain full exports, they’re seldom in a format that can be directly imported into another software application. So migration really can be a cumbersome and problematic aspect of SaaS. If moving your data from one platform to another becomes a huge, drawn-out process, the short notice period you may be on becomes entirely irrelevant. But, any cost premiums paid for the option to cancel at short notice become very relevant.
Finally, the ease and simplicity of data uploads in many SaaS applications is often an advantage to businesses. But, many companies have found that it’s come back to bite them when huge volumes of data have been amassed that can’t easily be moved.
When a SaaS tool is an integral part of business, service downtime (particularly when unscheduled) can have a high cost, as productivity is slowed or brought to a standstill.
And what about when the service is up and running?
Well, there’s no denying that even in optimal situations latency problems and loading times can be a significant issue.
For these reasons, the usual industry advice is to seek information about a SaaS vendor’s past availability and performance levels when considering procurement. Moreover, service level agreements and compensation levels should be part of any contract.
The performance level of the company itself is also important, since any SaaS provider that goes bust can hurt their customers’ businesses substantially. So, to ascertain vendor stability, it’s advised to obtain audited financial statements and information about the company’s ownership.
With SaaS, businesses are usually left in the dark as to whether their provider will secure and back up their data. And those that do often keep users in the dark as to how they do so. This is especially an issue for companies with mission critical or highly confidential data, such as legal firms. Here, full control is often needed, so that the degree of safeguarding is as transparent, bespoke, and extensive as desired.
Complete data security in the cloud can never be guaranteed and many of the disclaimers in software license agreements essentially boil down to “use at your own risk”.
Platform failures and hacks can never be discounted, as explained in the subscription-based ICAEW paper:
Even if the cloud service has built-in redundancy and maintains that data loss isn’t possible as a result of a failure, it cannot guarantee that the platform won’t be compromised and that restoring a safe version won’t be needed…Vulnerabilities are found in software all the time, and any platform that is publicly accessible carries more inherent risk than one that is not.
Major security breaches, such as The Panama Papers (agreed to most likely have been a WordPress/Drupal hack that enabled access to the email server) have driven the renewed rise of the private cloud.
Service as a Software Substitute
Richard Stallman of the Free Software Foundation famously encapsulated his criticism of SaaS with his slight: “Service as a Software Substitute” (SaaSS).
Stallman pointed out that SaaS breaks the rules of free software:
With SaaSS, the users do not have even the executable file that does their computing: it is on someone else’s server, where the users can’t see or touch it. Thus it is impossible for them to ascertain what it really does, and impossible to change it…SaaS inherently gives the server operator the power to change the software in use, or the users’ data being operated on.
The lack of control argument goes further. On-premises software gives users considerable control, but with a hosted solution, you’re relying on the vendor to manage critical business applications for you. What’s more, SaaS simply doesn’t work for many companies who need detailed control over user permissions.
Data and internal processes are not the only things companies are forced to loosen their grip on. With SaaS, version-control is usually lost. Always having the most up-to-date software is often valuable, but there are times when a business will actually need an older version instead – for instance, if a prior build was more stable or more easily integrated with existing applications.
And the common practice of delaying new version adoption until bugs have been ironed out and user feedback gathered is rarely an option with SaaS.
Don’t be Evil
Privacy concerns have largely been met with contempt by the big players. In 2009, Google CEO Eric Schmidt famously reduced the issue to: “If you have something you don’t want anyone to know, maybe you shouldn’t be doing it”.
Have attitudes got any better since then?
Mottoes may have flipped to a positive-reinforcement style (Google’s is now: “Do the right thing”), but you’d be hard pressed to find anyone who’s fully comfortable with how the big IaaS, PaaS, and SaaS players handle privacy. And the small players can’t offer the level of stability and security that many companies need.
The proportion of home-users who are starting to use the dark web, not to do anything “naughty”, but because they’re sick of their lives being monitored and influenced by big companies, is significantly on the rise. And businesses increasingly have the same aspirations: control and freedom.
The Bottom Line
Ultimately if certain users can’t control their environment there’s greater risk, and poor control of data, integration, and backups can cause real issues for enterprises.
Therefore, SaaS seems reserved for mass market, consumer-based apps, and as consumers don’t necessarily want to pay for things, it’s a race to the bottom in pricing structure.
Since the infrastructure that software runs on needs to be set up properly, so it’s secure and performs well, corners are cut when the margins are tight, which further fuels the downward decline of SaaS in the eyes of users.